<?php

// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : show.php    
// #   show subjects and replies            
// #                                                                  
// ##############################################################################||

// ** General definitions **

     define('NOT_IN_INDEX',1);
     define('SHOW_SUBJECT',1);

     include('common.php');
     include('includes/pager.php');
				  
	 if (($member_permission == 1) and ($info_row['fastreply_allow'] == 1))
	 {
		include('includes/SmartCode.js');
	 }

     if ($_GET['main'] == 1)
     {
         // Subject
         $id = intval($_GET['id']);

         if (!isset($_GET['page']) OR $_GET['page'] < 1)
         {
             $_GET['page'] = 1;
         }

         $page  = intval($_GET['page']);
         $start = ($info_row['subject_perpage'] * ($page-1));

         $RP = new Pager($page);

		 $Smarty->assign('page', $page);
         $Smarty->assign('writer_is_visitor',0);
         $Smarty->assign('mod_toolbar',0);
         $mode_toolbar = 0;

         $subject_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='$id'");
         $subject_num    = $DB->sql_num_rows($subject_query);
         $subject_row    = $DB->sql_fetch_array($subject_query);

          $SF->html_title_page($SF->SafeOutPuts($subject_row['title']) . ' - (Powered By MySmartBB Universal)');
		  
         $topic_time = user_time( $subject_row['native_write_time'], ( $member_permission == 1 ) ? $member_row['user_time'] : $info_row['time_stamp'] );

         if ($member_row['username'] != $subject_row['writer'])
         {
             $update_visitor = $DB->sql_query("UPDATE " . $db_prefix . "subject SET visitor=visitor+1 WHERE id='$id'");
         }

         if ($subject_row['poll_subject'] == 1)
         {
             $getpoll_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "poll WHERE subject_id='" . $subject_row['id'] . "'");
             $getpoll_row    = $DB->sql_fetch_array($getpoll_query);
             $Smarty->assign_by_ref('getpoll_row',$getpoll_row);

		for($i=1;$i<=8;$i++)
		{
			 $sum+=$getpoll_row['res'."$i"];
		}
		$sum1=$sum;
		if($sum==0){$sum=1;}
		$Smarty->assign('sum',$sum);
		$Smarty->assign('sum1',$sum1);


             if ($member_permission == 1)
             {
                 $checkifpoll = $DB->sql_query("SELECT * FROM " . $db_prefix . "vote WHERE poll_id='" . $getpoll_row['id'] . "' AND member_id='" . $member_row['id'] . "'");
                 if ($DB->sql_num_rows($checkifpoll) <= 0)
                 {
                     $Smarty->assign('submit',1);
                 }
             }
         }

         if ($groupper_row['group_mod'] == 1)
         {
             $getsectionmod_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectionadmin WHERE section_id='" . $subject_row['section'] . "' AND member_id='" . $member_row['id']  . "'");
             $getsectionmod_num   = $DB->sql_num_rows($getsectionmod_query);

             if ($getsectionmod_num != 0)
             {
                 $Smarty->assign('mod_toolbar',1);
                 $mode_toolbar = 1;
             }
         }

         if ($groupper_row['admincp_allow'] == 1 or $groupper_row['vice'] == 1)
         {
             $Smarty->assign('mod_toolbar',1);
             $mode_toolbar = 1;
         }

         if ($subject_num == 0)
         {
             $SF->error('المعذرة، الموضوع المطلوب غير موجود');
         }

         if ($subject_row['delete_topic'] == 1 and $groupper_row['admincp_allow'] != 1)
         {
             $SF->error('هذا الموضوع منقول لسلّة المحذوفات');
         }

         $writer_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($subject_row['writer']) . "'");
         $writer_row   = $DB->sql_fetch_array($writer_query);
         $writer_num   = $DB->sql_num_rows($writer_query);

         $sep_query = $DB->sql_query("SELECT separate_allow FROM ".$db_prefix."info");
         $separate_array = $DB->sql_fetch_array($sep_query);
         $separate_allow = $separate_array[separate_allow];
         $Smarty->assign('separate_allow',$separate_allow);
         $rep = $DB->sql_query("SELECT * FROM ".$db_prefix."reply WHERE writer='" . $SF->SafeSQL($subject_row['writer']) . "'");
         $rep_num = $DB->sql_num_rows($rep);
         $Smarty->assign('rep_num',$rep_num);
         $auth = $DB->sql_query("SELECT * FROM ".$db_prefix."subject WHERE writer='" . $SF->SafeSQL($subject_row['writer']) . "'");
         $auth_num = $DB->sql_num_rows($auth);
         $Smarty->assign('auth_num',$auth_num);

         if ($writer_num >= 0)
         {
             if ($writer_row['user_gender'] == 'm')
             {
                 $Smarty->assign('gender','ذكر');
             }

             if ($writer_row['user_gender'] == 'f')
             {
                 $Smarty->assign('gender','أنثى');
             }

             $register_date = $SF->DateFormatDo($writer_row['register_date']);
             $Smarty->assign('register_date',$register_date);

             $writeronline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username='" . $SF->SafeSQL($writer_row['username']) . "'");
             if ($DB->sql_num_rows($writeronline_query) > 0)
             {
                 $Smarty->assign('status',"<img src='image/online.png'>");
             }

             if ($DB->sql_num_rows($writeronline_query) <= 0)
             {
                 $Smarty->assign('status',"<img src='image/offline.png' >");
             }
         }
         else
         {
             $Smarty->assign('gender','ذكر');
             $Smarty->assign('status',"<font class='offline'>غير متصل</font>");
         }

         $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $subject_row['section'] . "'");
         $section_row   = $DB->sql_fetch_array($section_query);

         if (($section_row['hide_subject'] != 1) or ($section_row['hide_subject'] == 1 and $groupper_row['admincp_allow'] == 1))
         {
             // لا تفعل شيئاً
         }

         if ($section_row['hide_subject'] == 1 and $groupper_row['admincp_allow'] != 1)
         {
             $RP->SetPagerN($info_row['subject_perpage'],$DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE section='$id' AND delete_topic<>'1' AND stick<>'1' AND writer='" . $SF->SafeSQL($member_row['username']) . "'")));
             if ($subject_row['writer'] != $SF->SafeSQL($member_row['username']))
             {
                 $SF->error('لا يمكنك مشاهدة هذا الموضوع');
             }
         }

         $Smarty->assign('topic_time',$topic_time);
         $Smarty->assign_by_ref('section_row',$section_row);

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and empty($_GET['password']))
         {
             $Smarty->assign('show_file','&show_file=1&subject_id=' . intval($_GET['id']));
             $Smarty->display('section_password.tpl');
             $SF->MySmartBB_Exit();
         }

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and !empty($_GET['password']))
         {
             $check_password = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $section_row['id'] . "' AND section_password='" . base64_decode($_GET['password']) . "'"));
             if ($check_password <= 0)
             {
                 $SF->error('المعذرة، كلمة المرور ليست صحيحة');
             }
             else
             {
                 $url_password = '&password=' . htmlspecialchars($_GET['password']);
             }
         }

         if ($member_permission != 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $member_row['usergroup'] . "' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($member_permission == 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='7' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($group_row['view_section'] == 0)
         {
             $SF->error('المعذرة، لا يمكنك الاطلاع على هذا الموضوع');
         }
		 
         $Smarty->assign_by_ref('subject_row',$subject_row);

         if ($subject_row['writer'] != 'زائر')
         {
             $Smarty->assign_by_ref('writer_row',$writer_row);
             $Smarty->assign('writer_is_visitor',0);
         }

         if ($subject_row['writer'] == 'زائر' or $writer_num <= 0)
         {
             $Smarty->assign('writer_is_visitor',1);
         }
		 
		$text = $subject_row['text'];
		//$text = $SF->SafeOutPuts($text);
		
		$ban = $ip_row['banned_word'];
		$ban = $SF->SafeOutPuts($ban);

    	$list = explode("
", $ban);

     foreach($list as $ip){
         $text = str_replace($ip, '*', $text);
}


         if (!empty($_GET['highlight']))
         {
             $text = eregi_replace($_GET['highlight'],"<font class='highlight'>" . $_GET['highlight'] . "</font>",$text);
         }

         $text = $SF->SmilesReplace($text);

         if ($section_row['usesmartcode_allow'] == 1)
         {
             $text = preg_replace('#\[(code|php|html)\](.*)\[/\\1\]#siUe', "strip_smiles(str_replace('\\\"', '\"', '\\0'))", $text);
             $text = $SF->SmartCode_replace($text);
         }
         else
         {
             $text = nl2br($text);
         }

         $getattach_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "attach WHERE subject_id='" . $id . "' AND reply<>'1'");
         $getattach_num = $DB->sql_num_rows($getattach_query);
         if ($getattach_num != 0)
         {
		 
///////
                 $update = $DB->sql_query("UPDATE " . $db_prefix . "subject SET attach_subject='" . 1 . "' WHERE id='" . $id . "'");

                 if ($update)
                 {
///////		 
		 
             while ($getattach_row = $DB->sql_fetch_array($getattach_query))
             {
                 $attach_ex = $SF->Get_file_extension(htmlspecialchars($getattach_row['filename']));
                 $image_extensions = array ('.jpg',
                                           '.gif',
                                           '.jpeg',
                                           '.jpe',
										   '.png',
                                           '.bmp'
                                          );
                 if (in_array ($attach_ex,$image_extensions))
                 {
                     $image_size = @getimagesize("" . $getattach_row['filepath'] . "");
                     $height = $image_size[1];
                     $width = $image_size[0];
                     $getattach_row['image'] = 1;

                     if ($height > 400)
                     {
                         $getattach_row['height'] = 400;
                     }
                     elseif ($width > 400)
                     {
                         $getattach_row['width'] = 400;
                     }
                 }
                 $getattach_rows[] = $getattach_row;
                 $Smarty->assign_by_ref('getattach_row',$getattach_rows);
             }
			 
/////////
			   }
/////////
         }
         $Smarty->assign('getattach_num',$getattach_num);

         $text = stripslashes($text);
         $Smarty->assign('text',$text);

         $user_sig = $writer_row['user_sig'];
         $user_sig=$SF->SafeOutPuts($user_sig);

         $user_sig = str_replace('>', '&gt;', $user_sig);
         $user_sig = str_replace('<', '&lt;', $user_sig);

         $user_sig = $SF->SmartCode_replace($user_sig);
         $user_sig = $SF->SmilesReplace($user_sig);

         $Smarty->assign('user_sig',$user_sig);

         $getwritergroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $writer_row['usergroup'] . "'");
         $getwritergroup_row   = $DB->sql_fetch_array($getwritergroup_query);

         $writer_style         = $getwritergroup_row['username_style'];
         $writer_style         = explode('[username]',$writer_style);
         $writer_style         = $writer_style[0] . htmlspecialchars($writer_row['username']) . $writer_style[1];

         $Smarty->assign('writer_style',$writer_style);

         $RP->SetPagerN($info_row['subject_perpage'],$DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . $subject_row['id'] . "' AND delete_topic<>'1'")));

         $Smarty->assign('print_page',$RP->PageNum('show=1&main=1&id=' . $id . $url_password));


         $getnextsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id < '$id' and section='" . $subject_row['section'] . "' ORDER BY id DESC LIMIT 0,1");
         $getnextsubject_row   = $DB->sql_fetch_array($getnextsubject_query);
         $getnextsubject_num   = $DB->sql_num_rows($getnextsubject_query);


         $getpersubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id > '$id' and section='" . $subject_row['section'] . "' ORDER BY id ASC LIMIT 0,1");
         $getpersubject_row   = $DB->sql_fetch_array($getpersubject_query);
         $getpersubject_num   = $DB->sql_num_rows($getpersubject_query);

         $Smarty->assign('getnextsubject_num',$getnextsubject_num);
         $Smarty->assign('getpersubject_num',$getpersubject_num);
         $Smarty->assign_by_ref('getnextsubject_row',$getnextsubject_row);
         $Smarty->assign_by_ref('getpersubject_row',$getpersubject_row);

         if ($info_row['online_now_subject'] == 1)
         {
             $usershowsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE subject_show='1' AND hide_browse='0' AND subject_id='$id'");
             $usershowsubject_num   = $DB->sql_num_rows($usershowsubject_query);

             if ($groupper_row['show_hidden'] != 1)
             {
                 if ($info_row['show_onlineguest'] != 1)
                 {
                     $usershowsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username<>'زائر' AND user_id<>'' AND hide_browse<>'1' AND subject_id='$id' ORDER BY user_id ASC");
                 }

                 if ($info_row['show_onlineguest'] == 1)
                 {
                     $usershowsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE hide_browse<>'1' AND subject_id='$id' ORDER BY user_id ASC");
                 }
             }

             if ($groupper_row['show_hidden'] == 1)
             {
                 if ($info_row['show_onlineguest'] != 1)
                 {
                     $usershowsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username<>'زائر' AND user_id<>'' AND subject_id='$id' ORDER BY user_id ASC");
                 }

                 if ($info_row['show_onlineguest'] == 1)
                 {
                     $usershowsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE subject_id='$id' ORDER BY user_id ASC");
                 }
             }

             $usershowsubject_rows = array();
             while ($usershowsubject_row = $DB->sql_fetch_array($usershowsubject_query))
             {
                 $usershowsubject_rows[] = $usershowsubject_row;
                 $Smarty->assign('usershowsubject_rows',$usershowsubject_rows);
             }

             $Smarty->assign('usershowsubject_num',$usershowsubject_num);
         }

         if ($section_row['sub_section'] == 1)
         {
             $getmainsections_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $section_row['from_sub_section'] . "'");
             $getmainsection_row    = $DB->sql_fetch_array($getmainsections_query);
             $Smarty->assign_by_ref('getmainsection_row',$getmainsection_row);
         }







         $getcards_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "cards WHERE card_member='" . $writer_row['username'] . "'");
         $getcards_num = $DB->sql_num_rows($getcards_query);
         $getcards_row = $DB->sql_fetch_array($getcards_query);
		 
		 
         $msg = $getcards_row['card_msg'];
         $msg = $SF->SafeOutPuts($msg);

         $msg = str_replace('>', '&gt;', $msg);
         $msg = str_replace('<', '&lt;', $msg);			 
		 
		 
             $Smarty->assign('getcards_num',$getcards_num);
             $Smarty->assign_by_ref('getcards_row',$getcards_row);
             $Smarty->assign('msg',$msg);

         $Smarty->assign('url_password',$SF->SafeOutPuts($url_password));
         $Smarty->display('post_subject-top.tpl');

         $away = $writer_row['away_msg'];
         $away=$SF->SafeOutPuts($ayaw);

         $away = str_replace('>', '&gt;',$away);
         $away = str_replace('<', '&lt;',$away);
         $away = $SF->SmilesReplace($away);
         $away = nl2br($away);

         $Smarty->assign('away',$away);
		 $numformylatesttopic = $info_row["member_latest_topics"]+1;
//My Latest Topics Hack

	if($info_row["member_latest_topics_activate"] == 1) {
	
	$Latest_Topicsq = $DB->sql_query("select * from ".$db_prefix."subject where writer='".$writer_row["username"]."' order by rand() Limit ".$numformylatesttopic."");
	
	$Latest_Topics_num = $DB->sql_fetch_array($Latest_Topicsq);
	
	$Smarty->assign('Latest_Topics_num',$Latest_Topics_num);
	
	$Latest_Topic = array();
	
	while($Latest_Topic_row = $DB->sql_fetch_array($Latest_Topicsq)) {
	
	$Latest_Topic[] = $Latest_Topic_row;
	$Latest_Topic = $SF->SafeOutPuts($Latest_Topic);
	
	$Smarty->assign('Latest_Topic',$Latest_Topic);

}

}

//---------------------

         if ($info_row['show_subject_all'] == 1 or $info_row['show_subject_all'] == 0 and $start == 0)
         {
             $Smarty->display('post_show-topic.tpl');
         }
         elseif ($info_row['show_subject_all'] == 1 and $start != 0)
         {
                // Do nothing :)
         }

         #Reply
         $reply_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . $subject_row['id'] . "' AND delete_topic<>'1' ORDER BY id ASC LIMIT $start," . $info_row['subject_perpage'] ."");
         $reply_num   = $DB->sql_num_rows($reply_query);

         if ($reply_num != 0)
         {
             $i = $start;
             $s_replyer = array();
             array_push($s_replyer,$writer_row['username']);

             while ($reply_row = $DB->sql_fetch_array($reply_query))
             {

                 $replier_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($reply_row['writer']) . "'");
                 $replier_num   = $DB->sql_num_rows($replier_query);

                 $i = $i+1;
                 while ($replier_row = $DB->sql_fetch_array($replier_query))
                 {

                     $replier_status_num = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username='".$SF->SafeSQL($replier_row['username'])."'");
                     if ($DB->sql_num_rows($replier_status_num) > 0)
                     {
                         $replier_status = "<img src='image/online.png' >";
                     }

                     if ($DB->sql_num_rows($replier_status_num) <= 0)
                     {
                         $replier_status = "<img src='image/offline.png' >";
                     }

                     if ($replier_row['user_gender'] == 'm')
                     {
                         $replier_gender = 'ذكر';
                     }

                     if ($replier_row['user_gender'] == 'f')
                     {
                         $replier_gender = 'أنثى';
                     }

                         $rep1 = $DB->sql_query("SELECT * FROM ".$db_prefix."reply WHERE writer='" . $SF->SafeSQL($reply_row['writer']) . "'");
                         $rep_num1 = $DB->sql_num_rows($rep1);
                         $Smarty->assign('rep_num',$rep_num1);
                         $auth1 = $DB->sql_query("SELECT * FROM ".$db_prefix."subject WHERE writer='" . $SF->SafeSQL($reply_row['writer']) . "'");
                         $auth_num1 = $DB->sql_num_rows($auth1);
                         $Smarty->assign('auth_num',$auth_num1);

                     if ($reply_row['writer'] != 'زائر')
                     {
                         $Smarty->assign('writer_is_visitor',0);
                         $writer_is_visitor = 0;
                     }

                     $text = $reply_row['text'];
	       			 $text=$SF->SafeOutPuts($text);

                     $text = str_replace('>', '&gt;', $text);
                     $text = str_replace('<', '&lt;', $text);

                     $text = $SF->SmilesReplace($text);


                     if ($section_row['usesmartcode_allow'] == 1)
                     {
                         // thanks abuamal :)
                         $text = preg_replace('#\[(code|php|html)\](.*)\[/\\1\]#siUe', "strip_smiles(str_replace('\\\"', '\"', '\\0'))", $text);
                         $text = $SF->SmartCode_replace($text);
                     }

                     $getwritergroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $replier_row['usergroup'] . "'");
                     $getwritergroup_row   = $DB->sql_fetch_array($getwritergroup_query);

                     $writer_style         = $getwritergroup_row['username_style'];
                     $writer_style         = explode('[username]',$writer_style);
                     $writer_style         = $writer_style[0] . htmlspecialchars($replier_row['username']) . $writer_style[1];

                     $topic_time = user_time( $reply_row['write_time'], ( $member_permission == 1 ) ? $member_row['user_time'] : $info_row['time_stamp'] );

                     $reply_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

                     if (in_array($replier_row['username'], $s_replyer)) {
                         $s_writer = "1";
                     }
                     else
                     {
                         $s_writer = "0";
                         array_push($s_replyer,$replier_row['username']);
                     }

                     $user_sig = $replier_row['user_sig'];
	       			 $user_sig = $SF->SafeOutPuts($user_sig);
                     $user_sig = str_replace('>', '&gt;', $user_sig);
                     $user_sig = str_replace('<', '&lt;', $user_sig);
                     $user_sig = $SF->SmartCode_replace($user_sig);

                     $user_sig = $SF->SmilesReplace($user_sig);

                     $away = $replier_row['away_msg'];
	      			 $away = $SF->SafeOutPuts($away);
                     $away = str_replace('>', '&gt;', $away);
                     $away = str_replace('<', '&lt;', $away);

                     $away = $SF->SmilesReplace($away);
                     $away = nl2br($away);
			$numformylatesttopic = $info_row["member_latest_topics"]+1;
			//My Latest Topics Hack
			
			if($info_row["member_latest_topics_activate"] == 1) {
			
			$Latest_Topicsq = $DB->sql_query("select * from ".$db_prefix."subject where writer='".$replier_row["username"]."' order by rand() Limit ".$numformylatesttopic."");
			
			$Latest_Topics_num = $DB->sql_fetch_array($Latest_Topicsq);
			
			$Smarty->assign('Latest_Topics_num',$Latest_Topics_num);
			
			$Latest_Topic = array();
			
			while($Latest_Topic_row = $DB->sql_fetch_array($Latest_Topicsq)) {
			
			$Latest_Topic[] = $Latest_Topic_row;
			$Latest_Topic = $SF->SafeOutPuts($Latest_Topic);

			$Smarty->assign('Latest_Topic',$Latest_Topic);

}

}

//---------------------

                     if (empty($reply_row['title']))
                     {
                         $title = '';
                     }
                     else
                     {
                         $title = htmlspecialchars(stripcslashes($reply_row['title']));
                     }

                     if ($reply_row['writer'] == 'زائر')
                     {
                         $Smarty->assign('writer_is_visitor',1);
                         $writer_is_visitor = 1;
                     }


                     $getattach_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "attach WHERE subject_id='" . $reply_row['id'] . "' AND reply='1'");
                     $getattach_num = $DB->sql_num_rows($getattach_query);

                     $Smarty->assign('getattach_num',$getattach_num);
                     if ($getattach_num != 0)
                     {
                         $getattach_reply_rows = array();
                         while ($getattach_reply_row2 = $DB->sql_fetch_array($getattach_query))
                         {
                             $attach_ex = $SF->Get_file_extension(htmlspecialchars($getattach_row['filename']));
                             $image_extensions = array ('.jpg',
                                           '.gif',
                                           '.jpeg',
                                           '.jpe',
										   '.png',
                                           '.bmp'
                                          );
                             if (in_array ($attach_ex,$image_extensions))
                             {
                                 $image_size = @getimagesize("" . $getattach_row['filepath'] . "");
                                 $height = $image_size[1];
                                 $width = $image_size[0];
                                 $getattach_row['image'] = 1;

                                 if ($height >= 400)
                                 {
                                     $getattach_row['height'] = 400;
                                 }
                                 elseif ($width >= 400)
                                 {
                                     $getattach_row['width'] = 400;
                                 }
                             }
                             $getattach_reply_row[] = $getattach_reply_row2;
                             $Smarty->assign_by_ref('getattach_reply_row',$getattach_reply_row);
                         }
                     }
                     unset ($getattach_reply_row);

                     $Smarty->assign_by_ref('replier_row',$replier_row);
                     $Smarty->assign_by_ref('reply_row',$reply_row);
                     $Smarty->assign('topic_time',$topic_time);
                     $Smarty->assign('i',$i);
                     $Smarty->assign('title',$title);
                     $Smarty->assign('reply_url',$reply_url);
                     $Smarty->assign('writer_is_visitor',$w_is_visitor);
                     $Smarty->assign('writer_style',$writer_style);
                     $Smarty->assign('register_date',$SF->DateFormatDo($replier_row['register_date']));
                     $Smarty->assign('replier_status',$replier_status);
                     $Smarty->assign('replier_gender',$replier_gender);
                     $Smarty->assign('text',stripcslashes($text));
                     $Smarty->assign('away',$away);
                     $Smarty->assign('user_sig',$user_sig);
                     $Smarty->assign('s_iteration',$s_writer);
                     $Smarty->assign('subject_id',intval($_GET['id']));

                     $Smarty->display('post_show-reply1.tpl');
                 }
             }
         }

         $smiles_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type='0' ORDER BY id ASC LIMIT 0,13");

         $smiles_row = array();
         while ($smile_row = $DB->sql_fetch_array($smiles_query))
         {
             $smiles_row[] = $smile_row;
             $Smarty->assign('smiles_row',$smiles_row);
         }

         $icons_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type<>'0' ORDER BY id DESC");

         $icons_row = array();
         while ($icon_row = $DB->sql_fetch_array($icons_query))
         {
             $icons_row[] = $icon_row;
             $Smarty->assign('icons_row',$icons_row);
         }

         $title    = explode(' ',$subject_row['title']);
         $t_number = 0;

         if (strlen($title[0]) <= 3)
         {
             $t_number = 1;
         }

         if (strlen($title[$t_number]) <= 1)
         {
             $title = $SF->SafeSQL($title[$t_number].'\'');
         }

         if ($info_row['samesubject_show'] == 1)
         {
             $getsamesubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE title LIKE '%" . $SF->SafeSQL($title[$t_number]) . "%' AND id<>'" . $subject_row['id'] . "' AND delete_topic<>'1' AND sec_subject<>'1' LIMIT 0,10");
             $getsamesubject_num   = $DB->sql_num_rows($getsamesubject_query);

             while ($getsamesubject_row = $DB->sql_fetch_array($getsamesubject_query))
             {
                 $getsamesection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . intval($getsamesubject_row['section']) . "'");

                 $getsamesection_rows = array();
                 $getsamesubject_rows = array();
                 while ($getsamesection_row = $DB->sql_fetch_array($getsamesection_query))
                 {
                     $getsamesection_rows[] =  $getsamesection_row;
                     $Smarty->assign('getsamesection_row',$getsamesection_rows);
                 }

                 $getsamereply_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . intval($getsamesubject_row['id']) . "' ORDER BY id DESC LIMIT 1");

                 $getsamereply_rows = array();
                 while ($getsamereply_row = $DB->sql_fetch_array($getsamereply_query))
                 {
                     $getsamereply_rows[] = $getsamereply_row;
                     $Smarty->assign('getsamereply_rows',$getsamereply_rows);
                 }

                 $getsamesubject_rows[] = $getsamesubject_row;
                 $Smarty->assign('getsamesubject_rows',$getsamesubject_rows);
             }
         }
			$keywords = $subject_row['keywords'];
			$keywords = $SF->SafeOutPuts($keywords);
            $Smarty->assign('keywords',$keywords);

         $Smarty->display('post_subject-bottom.tpl');

         if ($info_row['fastreply_allow'] == 1)
         {
             $temp = md5(time());
             $Smarty->assign('temp',$temp);

             $SF->GetSmartCode();
             $Smarty->assign('s_id',intval($_GET['id']));

             $Smarty->assign( 'moderator', ( $mode_toolbar == 0 ) ? 0 : 1 );

             $Smarty->assign( 'stick', ( $subject_row['stick'] == 1 ) ? 1 : 0 );
             $Smarty->assign( 'close', ( $subject_row['close'] == 1 ) ? 1 : 0 );

             $Smarty->display('post_quick-reply.tpl');
         }

         if ($getsamesubject_num > 0)
         {
             $Smarty->display('post_same-subjects.tpl');
         }

         $Smarty->display('topic_who-is-online.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
		 
		 
		 
		 
		 
		 

         $update = $DB->sql_query("UPDATE " . $db_prefix . "online SET username='" . $SF->SafeSQL($member_row['username']) . "',username_style='" . $style_username . "',logged='" . $now . "',path='" . $_SERVER['PHP_SELF'] . "',user_ip='" . $ip . "',notinindex_id='". $subject_row['section'] ."',hide_browse='" . $member_row['hide_online'] . "',user_location='" . $u_location . "',subject_show='" . $subject_show . "',subject_id='" . $subject_id . "' WHERE username='" . $member_row['username'] . "'");
     }

                 if ($_GET['cardw'] == 1)
                 {
				// $id  = intval($_GET['id']);

                     $card_set = 0;

                     if (!empty($_POST['S1']) and $_POST['D1'] == 1)
                     {
                         $card_msg = nl2br($_POST['S1']);
                         $card_set = 1;
                     }

                     if (!empty($_POST['S1']) and $_POST['D1'] == 0)
                     {
                         $card_msg = nl2br($_POST['S1']);
                         $card_set = 0;
                     }

                     if (empty($_POST['S1']))
                     {
                         $card_set = 0;
                     }

                     $user_card_yellow = $_POST['T1'];
                     $user_card_reed = $_POST['T2'];
                     $user_card_black = $_POST['T3'];


                     $card = $SF->SafeSQL($_POST['S1']);
					 $member = $SF->SafeSQL($_POST['username']);
					 

         if ($getcards_num == 0)
         {					 
                $inseru = $DB->sql_query("INSERT INTO " . $db_prefix . "cards(id,card_status,card_member,card_msg,card_yellow,card_reed,card_black,by_admin) VALUES('NULL','" . $card_set . "','" . $member . "','" . $card . "','" . $SF->SafeSQL($user_card_yellow) . "','" . $SF->SafeSQL($user_card_reed) . "','" . $SF->SafeSQL($user_card_black) . "','" . $SF->SafeSQL($member_row['username']) . "')");
		 }
		else
		 {
		 		$update = $DB->sql_query("UPDATE " . $db_prefix . "cards SET card_status='" . $card_set . "',card_member='" . $member . "',card_msg='" . $card . "',card_yellow='". $SF->SafeSQL($user_card_yellow) ."',card_reed='" . $SF->SafeSQL($user_card_reed) . "',card_black='" . $SF->SafeSQL($user_card_black) . "',by_admin='" . $SF->SafeSQL($member_row['username']) . "' WHERE card_member='" . $member . "'");
		 }							 

                     if ($inseru)
                     {	
						$Smarty->display('header.tpl');	 
						$Smarty->assign('msgg','تم إعطاء العضو المذكور المخالفة بنجاح, سوف ننفلك إلى الصفحة الرئيسية ..!'); 
						$Smarty->assign('GO','index.php');
						$Smarty->assign('user_card_yellow',$user_card_yellow);
						$Smarty->assign('user_card_reed',$user_card_reed);
						$Smarty->assign('user_card_black',$user_card_black);
						$Smarty->assign('id',$id);
						$SF->go_to('index.php',2);             
						$Smarty->display('loading.tpl');

                        $Smarty->display('footer.tpl');
                     }
					 
					 elseif ($update)
                 	 {			
						$Smarty->display('header.tpl');	 
						$Smarty->assign('msgg','تم إعطاء العضو المذكور المخالفة بنجاح, سوف ننفلك إلى الصفحة الرئيسية ..!'); 
						$Smarty->assign('GO','index.php');
						$Smarty->assign('user_card_yellow',$user_card_yellow);
						$Smarty->assign('user_card_reed',$user_card_reed);
						$Smarty->assign('user_card_black',$user_card_black);
						$Smarty->assign('id',$id);
						$SF->go_to('index.php',2);             
						$Smarty->display('loading.tpl');

                        $Smarty->display('footer.tpl');
					 }
					 
					 else
					 {
					 	$SF->error('معذرة ..! هناك خلل في النظام, لم يتم إعطاء العضو المذكور المخالفة, أعد بإسم صحيح',2);
					 }
                 }		 
   
?>